60works How do I cheat? Reputation: 0
Joined: 18 Jul 2020 Posts: 3 Location: Midwestern USA
Posted: Sat Jul 18, 2020 7:58 am Post subject: Is this possible? Text stream of values? (FTL Game)
Hey Folks -- my name is Dave and I was hoping to present a situation to get an idea for how difficult it'll be to implement it.
I make hardware gadgets and I'm hoping to make one for the game FTL. My main goal is two-way communication with the game. I don't want to change values, I want to monitor them in real time.
I figured out how to extract many values that I want. I figured out how to maintain those values between play sessions.
My current roadblocks:
1) Automatically selecting the game process on boot.
2) Grabbing values between reboot sessions.
3) Continually exporting values in a data stream (Serial/I2C).
Is #1 possible with basic event scripting? (More of an OS thing, less of a Cheat Engine thing.)
Is #2 possible if I properly learn Pointers?
Is #3 possible if I get deep into Lua?
Sorry for the RTFM questions, hopefully they make sense.

ParkourPenguin I post too much Reputation: 140
Joined: 06 Jul 2014 Posts: 4300
Posted: Sat Jul 18, 2020 11:17 am
1) Periodically look at the processes running on the system. In CE, the easy way is getAutoAttachList().add("game.exe") (Lua code) or do it manually w/ createTimer, getProcessList, openProcess, etc (see main.lua for documentation).
In something that's not CE, use the Windows API CreateToolhelp32Snapshot.
2) Pointers and/or code injection. See CE tutorial step 8 for pointers (this video shows how to use the pointer scanner correctly with multiple pointer maps), and search for "injection copy" for tutorials on using code injection to get an address.
3) I don't think CE has an API for that. There's probably some Lua library that does what you need. You might be able to use os.execute some way (no clue how).
_________________
I don't know where I'm going, but I'll figure it out when I get there.

atom0s Moderator Reputation: 199
Joined: 25 Jan 2006 Posts: 8518 Location: 127.0.0.1
Posted: Sat Jul 18, 2020 2:11 pm
1. See ParkourPenguin's answer for using the auto-attach list from Lua.
2. Will greatly depend on the game itself. Not all games rely on pointers, or require pointer usage to pull information from them. But, in most newer games they will. You would want to get familiar with several things though as not everything is as simple as just reading a pointer or having easy access to a pointer.
- Pointers in general.
- Code injection / code caves.
- AoB scanning to locate pointers and points of interest in code where an injection/cave may need to be made.
- DMA and module related shifting. (If the game runs its main code from a DLL, then you are going to be dealing with a form of DMA where the DLL can be loaded at a new base address each launch.)
3. LuaSocket can be used to communicate out of the process, or you can create your own Lua module to implement any other means of IPC.
Generally, for something like this, you'd be better off making your own cheat either via a trainer that has the extra communication bits in it, or via an injected DLL that has everything built-in.
_________________
- Retired.

60works How do I cheat? Reputation: 0
Joined: 18 Jul 2020 Posts: 3 Location: Midwestern USA
Posted: Sun Jul 19, 2020 11:07 am
Thanks much to both of you for the responses!
Quote: Generally, for something like this, you'd be better off making your own cheat either via a trainer that has the extra communication bits in it, or via an injected DLL that has everything built-in.
I imagine this is quite the undertaking. Trying to balance 1) what I actually want to do -- build the hardware -- with 2) the challenge of programming the foundation.
I know it's an impossible guess, but are we talking 40 hours of my time or 100+ hours of my time?

atom0s Moderator Reputation: 199
Joined: 25 Jan 2006 Posts: 8518 Location: 127.0.0.1
Posted: Sun Jul 19, 2020 1:37 pm
Quote: I know it's an impossible guess, but are we talking 40 hours of my time or 100+ hours of my time?
Given that we don't know anything about you or your programming skill/level, that's really impossible to answer. Reading memory from another process externally or reading it from the same process internally (if injected) are both fairly straightforward and easy to do.
Externally, you would use things like:
To find the process and obtain the process handle:
- CreateToolhelp32Snapshot
- Process32First/Process32Next
- Module32First/Module32Next
- OpenProcess
To read the memory of the process:
- ReadProcessMemory
Potential extras needed depending on the work involved:
- VirtualAllocEx
- VirtualProtectEx
- WriteProcessMemory
For internal reading/handling, then you have direct access to the memory and can do direct type and pointer casting and do not need to use API calls for those things. (You may need things like the local/internal VirtualAlloc, VirtualProtect, etc. depending on the work involved, but not the external calls like above.)
For talking to other processes/data output, that would entirely depend on what you are looking to communicate with and what libraries/protocols that given thing supports. That isn't something we would be able to give suggestions on without knowing specifically what hardware is involved.
_________________
- Retired.
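
Added example (not from any poster in this thread): a read-only pointer-chain resolver in C showing why a module-relative chain, as in the "Pointers" and "module related shifting" items and the external-read API list above, keeps working when the image loads at a different base. The `read_fn` callback stands in for a `ReadProcessMemory` wrapper; `fake_mem`, the offsets 0x10/0x8, the value 30 and the 32-bit pointer size are all constructed assumptions so the code runs offline.

```c
#include <stdint.h>
#include <string.h>

/* Reader callback: copy len bytes at target address addr into out, 1 = ok.
   In an external tool this would wrap ReadProcessMemory (assumption). */
typedef int (*read_fn)(void *ctx, uint64_t addr, void *out, size_t len);

/* Constructed stand-in for the target's address space: one mapped region. */
typedef struct { uint64_t base; const uint8_t *bytes; size_t size; } fake_mem;

static int fake_read(void *ctx, uint64_t addr, void *out, size_t len) {
    const fake_mem *m = ctx;
    if (addr < m->base || len > m->size || addr - m->base > m->size - len)
        return 0;                      /* unmapped range: fail, never guess */
    memcpy(out, m->bytes + (addr - m->base), len);
    return 1;
}

/* Resolve [[module_base + offs[0]] + offs[1]] ... + offs[n-1]. The last
   offset is added without a dereference: the result is the value's address. */
static int resolve_chain(read_fn rd, void *ctx, uint64_t module_base,
                         const uint32_t *offs, size_t n, uint64_t *out) {
    if (n == 0) return 0;
    uint64_t addr = module_base + offs[0];
    for (size_t i = 1; i < n; i++) {
        uint32_t ptr = 0;              /* 32-bit target assumed */
        if (!rd(ctx, addr, &ptr, sizeof ptr) || ptr == 0)
            return 0;                  /* broken chain, e.g. object not built yet */
        addr = (uint64_t)ptr + offs[i];
    }
    *out = addr;
    return 1;
}

/* Constructed demo of one launch with the image mapped at base.
   Returns the value read through the chain, or -1 if the chain is broken. */
static int32_t demo_launch(uint32_t base, int null_pointer) {
    uint8_t img[0x80] = {0};
    uint32_t obj = null_pointer ? 0 : base + 0x40;  /* moves with the base */
    int32_t hull = 30, got = -1;
    uint64_t addr;
    memcpy(img + 0x10, &obj, sizeof obj);    /* static pointer at module+0x10 */
    memcpy(img + 0x48, &hull, sizeof hull);  /* field at object+0x8 */
    fake_mem m = { base, img, sizeof img };
    const uint32_t offs[] = { 0x10, 0x8 };
    if (!resolve_chain(fake_read, &m, base, offs, 2, &addr)) return -1;
    return fake_read(&m, addr, &got, sizeof got) ? got : -1;
}

int main(void) { return demo_launch(0x00400000u, 0) == 30 ? 0 : 1; }
```

The resolver fails closed on a null or unmapped link instead of returning a stale address, which matters when polling a value before the game has created the object it lives in.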

60works How do I cheat? Reputation: 0
Joined: 18 Jul 2020 Posts: 3 Location: Midwestern USA
Posted: Sun Jul 19, 2020 5:29 pm
Thanks again for taking the time to help.
I think my next step is digging deeper into some of what has been outlined so I can ask another set of more focused questions.
I'll bump this thread when the time comes.